Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/kxpX1lCQQ8yOBbstUeCdv_zpUVM.roa
File: kxpX1lCQQ8yOBbstUeCdv_zpUVM.roa (raw, json)
Hash identifier: oJhD38+sw8OGBYsN0ao2Z9Co7xQKNJ8DNYl0qpddiRA=
Subject key identifier: 93:1A:57:D6:50:90:43:CC:8E:05:BB:2D:51:E0:9D:BF:FC:E9:51:53
Certificate issuer: /CN=a5a56ebf01e00349f673019180560c9a31aea871
Certificate serial: 0194206870C5F4FBB047C0B9259D5A68BFEB
Authority key identifier: A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/kxpX1lCQQ8yOBbstUeCdv_zpUVM.roa
Signing time: Wed 01 Jan 2025 05:48:22 +0000
ROA not before: Wed 01 Jan 2025 05:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47316
IP address blocks: 2a12:c6c7:1000::/36 maxlen: 48
2a12:c6c7:2000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:70:c5:f4:fb:b0:47:c0:b9:25:9d:5a:68:bf:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a56ebf01e00349f673019180560c9a31aea871
Validity
Not Before: Jan 1 05:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=931a57d6509043cc8e05bb2d51e09dbffce95153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:95:a0:c2:f5:80:f2:3a:96:bf:17:9d:1c:bb:
4c:4c:d9:18:3f:66:64:4f:ff:db:91:69:d1:27:41:
38:1f:37:48:56:e4:fe:41:41:65:f1:7a:84:18:a3:
67:33:8e:c4:16:06:bf:83:8e:41:1a:39:42:20:c3:
5d:87:96:97:e3:3c:ea:ca:33:9c:f2:b5:87:a5:20:
17:57:92:09:c3:c0:fc:8f:25:1f:56:f0:ff:80:72:
2a:05:27:1b:8c:c2:4c:93:96:d3:0e:82:97:cd:69:
de:4a:d3:0d:92:b4:fc:9d:c2:eb:19:4f:8e:82:ea:
5e:b9:b5:95:18:ca:54:ed:b0:a1:5c:ea:70:01:9d:
cb:72:f0:8c:8f:c9:39:6b:a2:81:11:d7:56:f8:f9:
96:43:de:f2:3f:82:ee:d9:63:88:36:8f:61:f6:67:
0f:0d:6b:2d:68:01:cc:09:74:93:9a:50:21:ab:ed:
dc:14:e4:c8:db:4d:75:59:79:92:87:ce:0d:88:9b:
a1:8f:85:20:51:74:16:fe:0c:52:2f:c1:4d:df:69:
f3:c3:bb:95:48:c8:ff:9c:e3:d9:2a:71:c3:e6:d1:
90:61:77:1f:20:33:f8:6e:8d:0d:ad:78:32:07:52:
0b:9d:bf:b4:bb:02:49:76:78:e3:72:4c:a1:c4:86:
26:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:1A:57:D6:50:90:43:CC:8E:05:BB:2D:51:E0:9D:BF:FC:E9:51:53
X509v3 Authority Key Identifier:
keyid:A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/kxpX1lCQQ8yOBbstUeCdv_zpUVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/paVuvwHgA0n2cwGRgFYMmjGuqHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:c6c7:1000::-2a12:c6c7:2fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
54:14:1a:a7:4a:e2:47:20:21:63:0f:8b:23:d9:84:d3:d5:24:
b2:00:22:d4:33:ae:c6:22:58:79:74:2e:89:62:52:20:60:61:
da:ca:d0:d8:54:15:60:b4:5f:fb:55:7e:79:4e:cb:54:ae:61:
59:b9:4d:f8:dc:e4:24:75:5e:e4:b4:98:99:84:d4:c7:c4:c7:
5f:d6:61:37:15:8b:26:e7:77:23:15:b8:1f:fd:ae:81:a1:c8:
cf:b9:96:d0:fc:24:5b:8f:89:d5:67:16:20:02:f9:21:1f:b8:
a2:b8:c1:a1:f6:45:06:5d:60:27:b9:5f:da:76:4b:f6:79:5b:
c6:bc:c3:09:ac:8f:3f:b3:cd:7f:71:9c:b4:43:93:61:08:55:
f0:a7:7e:37:eb:6a:9b:73:d8:d1:76:2c:96:ca:d7:86:83:ee:
d6:e8:dc:51:13:f8:71:79:9c:34:1b:74:f8:cf:01:90:11:a1:
d4:4a:27:9e:4c:04:09:a8:51:a8:e2:e6:98:5a:1f:41:19:64:
62:88:8e:70:c6:fd:5c:5d:a6:68:d9:5c:78:85:2e:b6:b0:a3:
13:fa:ff:67:e2:a7:01:8f:be:71:f7:4c:8c:29:91:50:00:31:
ee:f0:e1:a6:72:df:38:2c:7f:c9:18:25:ba:aa:4a:50:12:9c:
57:a7:5a:78
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQgaHDF9PuwR8C5JZ1aaL/rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTU2ZWJmMDFlMDAzNDlmNjczMDE5MTgwNTYwYzlhMzFh
ZWE4NzEwHhcNMjUwMTAxMDU0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzFhNTdkNjUwOTA0M2NjOGUwNWJiMmQ1MWUwOWRiZmZjZTk1MTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupWgwvWA8jqWvxedHLtMTNkYP2Zk
T//bkWnRJ0E4HzdIVuT+QUFl8XqEGKNnM47EFga/g45BGjlCIMNdh5aX4zzqyjOc
8rWHpSAXV5IJw8D8jyUfVvD/gHIqBScbjMJMk5bTDoKXzWneStMNkrT8ncLrGU+O
gupeubWVGMpU7bChXOpwAZ3LcvCMj8k5a6KBEddW+PmWQ97yP4Lu2WOINo9h9mcP
DWstaAHMCXSTmlAhq+3cFOTI2011WXmSh84NiJuhj4UgUXQW/gxSL8FN32nzw7uV
SMj/nOPZKnHD5tGQYXcfIDP4bo0NrXgyB1ILnb+0uwJJdnjjckyhxIYmZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJMaV9ZQkEPMjgW7LVHgnb/86VFTMB8GA1UdIwQY
MBaAFKWlbr8B4ANJ9nMBkYBWDJoxrqhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQt
MmQ0NmQzMGRhY2JmLzEva3hwWDFsQ1FROHlPQmJzdFVlQ2R2X3pwVVZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQtMmQ0NmQzMGRhY2Jm
LzEvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgQqEsbH
EAMGBCoSxscgMA0GCSqGSIb3DQEBCwUAA4IBAQBUFBqnSuJHICFjD4sj2YTT1SSy
ACLUM67GIlh5dC6JYlIgYGHaytDYVBVgtF/7VX55TstUrmFZuU343OQkdV7ktJiZ
hNTHxMdf1mE3FYsm53cjFbgf/a6BocjPuZbQ/CRbj4nVZxYgAvkhH7iiuMGh9kUG
XWAnuV/adkv2eVvGvMMJrI8/s81/cZy0Q5NhCFXwp34362qbc9jRdiyWyteGg+7W
6NxRE/hxeZw0G3T4zwGQEaHUSieeTAQJqFGo4uaYWh9BGWRiiI5wxv1cXaZo2Vx4
hS62sKMT+v9n4qcBj75x90yMKZFQADHu8OGmct84LH/JGCW6qkpQEpxXp1p4
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:43:09 2025 by rpki-client